﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using TierApplication;
using TierService.DEncrypt;

/// <summary>
///Security 的摘要说明
/// </summary>
public class Security
{
	public Security()
	{
		//
		//TODO: 在此处添加构造函数逻辑
		//
	}

    public static readonly string key = "Ctrip2011";

    public static string GetAccountId()
    {
        string AccountId = "";
        if (HttpContext.Current.User != null)
        {
            if (HttpContext.Current.Session["AccountInfo"] != null)
            {
                T_ACCOUNT info = (T_ACCOUNT)HttpContext.Current.Session["AccountInfo"];
                AccountId = info.ACCOUNTID;
            }
            //if (HttpContext.Current.User.Identity.IsAuthenticated)
            //{
            //    if (HttpContext.Current.User.Identity is FormsIdentity)
            //    {
            //        FormsIdentity id =
            //        (FormsIdentity)HttpContext.Current.User.Identity;
            //        FormsAuthenticationTicket ticket = id.Ticket;
            //        AccountId = ticket.Name;
            //    }
            //}
        }
        return AccountId;
    }

    public static string GetSchoolID()
    {
        string schoolID = "";
        if (HttpContext.Current.User != null)
        {
            if (HttpContext.Current.Session["AccountInfo"] != null)
            {
                T_ACCOUNT info = (T_ACCOUNT)HttpContext.Current.Session["AccountInfo"];
                schoolID = info.SCHOOLID;
            }
        }
        return schoolID;
    }

    public static string GetAccountName()
    {
        string GetAccountName = "";
        if (HttpContext.Current.User != null)
        {
            if (HttpContext.Current.Session["AccountInfo"] != null)
            {
                T_ACCOUNT info = (T_ACCOUNT)HttpContext.Current.Session["AccountInfo"];
                GetAccountName = info.ACCOUNTNAME;
            }
            //if (HttpContext.Current.User.Identity.IsAuthenticated)
            //{
            //    if (HttpContext.Current.User.Identity is FormsIdentity)
            //    {
            //        FormsIdentity id =
            //        (FormsIdentity)HttpContext.Current.User.Identity;
            //        FormsAuthenticationTicket ticket = id.Ticket;
            //        // 取存储在票据中的用户数据，在这里其实就是用户的角色 
            //        GetAccountName = ticket.UserData;
            //    }
            //}
        }
        return GetAccountName;
    }

    /// <summary>
    /// 
    /// </summary>
    /// <returns></returns>
    public static bool IsAuthenticated()
    {
        return HttpContext.Current.User.Identity.IsAuthenticated;
    }
    /// <summary>
    /// 
    /// </summary>
    /// <param name="userName"></param>
    /// <param name="password"></param>
    /// <returns></returns>
    public static bool ValidUser(string userName, string password)
    {
        if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(password))
        {
            T_ACCOUNT accout = new T_ACCOUNT();
            if(accout.CheckAccout(userName,password))
            {
                T_ACCOUNT info = new T_ACCOUNT(userName);
                HttpContext.Current.Session.Add("AccountInfo", info);
                FormsAuthentication.SetAuthCookie(userName.TrimEnd(), true, FormsAuthentication.FormsCookiePath);
                FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
                    info.ACCOUNTID,
                    DateTime.Now,
                    DateTime.Now.AddMinutes(20),
                    false,
                    info.ACCOUNTNAME//可以将Roles按","分割成字符串，写入cookie
                    );
                string data = FormsAuthentication.Encrypt(ticket);
                HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, data);
                cookie.Path = FormsAuthentication.FormsCookiePath;
                cookie.Domain = FormsAuthentication.CookieDomain;
                cookie.Expires = ticket.Expiration;
                HttpContext.Current.Response.Cookies.Add(cookie);
                return true;
            }
        }
        return false;
    }
}